Advisory: security issues in AWS KMS and AWS Encryption SDKs
vnhacker.substack.com
I discovered and reported to Amazon the following security vulnerabilities affecting AWS KMS and all versions of AWS Encryption SDKs prior to version 2.0.0: Information leakage: an attacker can create ciphertexts that would leak the user’s AWS account ID, encryption context, user agent, and IP address upon decryption
Advisory: security issues in AWS KMS and AWS Encryption SDKs
Advisory: security issues in AWS KMS and AWS…
Advisory: security issues in AWS KMS and AWS Encryption SDKs
I discovered and reported to Amazon the following security vulnerabilities affecting AWS KMS and all versions of AWS Encryption SDKs prior to version 2.0.0: Information leakage: an attacker can create ciphertexts that would leak the user’s AWS account ID, encryption context, user agent, and IP address upon decryption